@logto/core-kit 2.2.0 → 2.3.0

package/lib/index.d.ts

@@ -1,6 +1,6 @@
 export * from './utils/index.js';
 export * from './regex.js';
-export * from './scope.js';
+export * from './openid.js';
 export * from './models/index.js';
 export * from './http.js';
 export * from './password-policy.js';

package/lib/index.js

@@ -1,6 +1,6 @@
 export * from './utils/index.js';
 export * from './regex.js';
-export * from './scope.js';
+export * from './openid.js';
 export * from './models/index.js';
 export * from './http.js';
 export * from './password-policy.js';

package/lib/openid.d.ts

@@ -0,0 +1,112 @@
+/** Scopes that reserved by Logto, which will be added to the auth request automatically. */
+export declare enum ReservedScope {
+    OpenId = "openid",
+    OfflineAccess = "offline_access"
+}
+/** Resources that reserved by Logto, which cannot be defined by users. */
+export declare enum ReservedResource {
+    /**
+     * The resource for organization template per RFC 0001.
+     *
+     * @see {@link https://github.com/logto-io/rfcs | RFC 0001} for more details.
+     */
+    Organization = "urn:logto:resource:organizations"
+}
+export type UserClaim = 'name' | 'picture' | 'username' | 'email' | 'email_verified' | 'phone_number' | 'phone_number_verified' | 'roles' | 'organizations' | 'organization_data' | 'organization_roles' | 'custom_data' | 'identities';
+/**
+ * Scopes for ID Token and Userinfo Endpoint.
+ */
+export declare enum UserScope {
+    /**
+     * Scope for basic user info.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Profile = "profile",
+    /**
+     * Scope for user email address.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Email = "email",
+    /**
+     * Scope for user phone number.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Phone = "phone",
+    /**
+     * Scope for user's custom data.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    CustomData = "custom_data",
+    /**
+     * Scope for user's social identity details.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Identities = "identities",
+    /**
+     * Scope for user's roles.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Roles = "roles",
+    /**
+     * Scope for user's organization IDs and perform organization token grant per [RFC 0001](https://github.com/logto-io/rfcs).
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Organizations = "urn:logto:scope:organizations",
+    /**
+     * Scope for user's organization roles per [RFC 0001](https://github.com/logto-io/rfcs).
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    OrganizationRoles = "urn:logto:scope:organization_roles"
+}
+/**
+ * Mapped claims that ID Token includes.
+ */
+export declare const idTokenClaims: Readonly<Record<UserScope, UserClaim[]>>;
+/**
+ * Additional claims that Userinfo Endpoint returns.
+ */
+export declare const userinfoClaims: Readonly<Record<UserScope, UserClaim[]>>;
+export declare const userClaims: Readonly<Record<UserScope, UserClaim[]>>;
+/**
+ * The prefix of the URN (Uniform Resource Name) for the organization in Logto.
+ *
+ * @example
+ * ```
+ * urn:logto:organization:123 // organization with ID 123
+ * ```
+ * @see {@link https://en.wikipedia.org/wiki/Uniform_Resource_Name | Uniform Resource Name}
+ */
+export declare const organizationUrnPrefix = "urn:logto:organization:";
+/**
+ * Build the URN (Uniform Resource Name) for the organization in Logto.
+ *
+ * @param organizationId The ID of the organization.
+ * @returns The URN for the organization.
+ * @see {@link organizationUrnPrefix} for the prefix of the URN.
+ * @example
+ * ```ts
+ * buildOrganizationUrn('1') // returns 'urn:logto:organization:1'
+ * ```
+ */
+export declare const buildOrganizationUrn: (organizationId: string) => string;
+/**
+ * Get the organization ID from the URN (Uniform Resource Name) for the organization in Logto.
+ *
+ * @param urn The URN for the organization. Must start with {@link organizationUrnPrefix}.
+ * @returns The ID of the organization.
+ * @throws {TypeError} If the URN is invalid.
+ * @example
+ * ```ts
+ * getOrganizationIdFromUrn('1') // throws TypeError
+ * getOrganizationIdFromUrn('urn:logto:organization:1') // returns '1'
+ * ```
+ */
+export declare const getOrganizationIdFromUrn: (urn: string) => string;

package/lib/openid.js

@@ -0,0 +1,143 @@
+/** Scopes that reserved by Logto, which will be added to the auth request automatically. */
+export var ReservedScope;
+(function (ReservedScope) {
+    ReservedScope["OpenId"] = "openid";
+    ReservedScope["OfflineAccess"] = "offline_access";
+})(ReservedScope || (ReservedScope = {}));
+/** Resources that reserved by Logto, which cannot be defined by users. */
+export var ReservedResource;
+(function (ReservedResource) {
+    /**
+     * The resource for organization template per RFC 0001.
+     *
+     * @see {@link https://github.com/logto-io/rfcs | RFC 0001} for more details.
+     */
+    ReservedResource["Organization"] = "urn:logto:resource:organizations";
+})(ReservedResource || (ReservedResource = {}));
+/**
+ * Scopes for ID Token and Userinfo Endpoint.
+ */
+export var UserScope;
+(function (UserScope) {
+    /**
+     * Scope for basic user info.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Profile"] = "profile";
+    /**
+     * Scope for user email address.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Email"] = "email";
+    /**
+     * Scope for user phone number.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Phone"] = "phone";
+    /**
+     * Scope for user's custom data.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["CustomData"] = "custom_data";
+    /**
+     * Scope for user's social identity details.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Identities"] = "identities";
+    /**
+     * Scope for user's roles.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Roles"] = "roles";
+    /**
+     * Scope for user's organization IDs and perform organization token grant per [RFC 0001](https://github.com/logto-io/rfcs).
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Organizations"] = "urn:logto:scope:organizations";
+    /**
+     * Scope for user's organization roles per [RFC 0001](https://github.com/logto-io/rfcs).
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["OrganizationRoles"] = "urn:logto:scope:organization_roles";
+})(UserScope || (UserScope = {}));
+/**
+ * Mapped claims that ID Token includes.
+ */
+export const idTokenClaims = Object.freeze({
+    [UserScope.Profile]: ['name', 'picture', 'username'],
+    [UserScope.Email]: ['email', 'email_verified'],
+    [UserScope.Phone]: ['phone_number', 'phone_number_verified'],
+    [UserScope.Roles]: ['roles'],
+    [UserScope.Organizations]: ['organizations'],
+    [UserScope.OrganizationRoles]: ['organization_roles'],
+    [UserScope.CustomData]: [],
+    [UserScope.Identities]: [],
+});
+/**
+ * Additional claims that Userinfo Endpoint returns.
+ */
+export const userinfoClaims = Object.freeze({
+    [UserScope.Profile]: [],
+    [UserScope.Email]: [],
+    [UserScope.Phone]: [],
+    [UserScope.Roles]: [],
+    [UserScope.Organizations]: ['organization_data'],
+    [UserScope.OrganizationRoles]: [],
+    [UserScope.CustomData]: ['custom_data'],
+    [UserScope.Identities]: ['identities'],
+});
+export const userClaims = Object.freeze(
+// Hard to infer type directly, use `as` for a workaround.
+// eslint-disable-next-line no-restricted-syntax
+Object.fromEntries(Object.values(UserScope).map((current) => [
+    current,
+    [...idTokenClaims[current], ...userinfoClaims[current]],
+])));
+/**
+ * The prefix of the URN (Uniform Resource Name) for the organization in Logto.
+ *
+ * @example
+ * ```
+ * urn:logto:organization:123 // organization with ID 123
+ * ```
+ * @see {@link https://en.wikipedia.org/wiki/Uniform_Resource_Name | Uniform Resource Name}
+ */
+export const organizationUrnPrefix = 'urn:logto:organization:';
+/**
+ * Build the URN (Uniform Resource Name) for the organization in Logto.
+ *
+ * @param organizationId The ID of the organization.
+ * @returns The URN for the organization.
+ * @see {@link organizationUrnPrefix} for the prefix of the URN.
+ * @example
+ * ```ts
+ * buildOrganizationUrn('1') // returns 'urn:logto:organization:1'
+ * ```
+ */
+export const buildOrganizationUrn = (organizationId) => `${organizationUrnPrefix}${organizationId}`;
+/**
+ * Get the organization ID from the URN (Uniform Resource Name) for the organization in Logto.
+ *
+ * @param urn The URN for the organization. Must start with {@link organizationUrnPrefix}.
+ * @returns The ID of the organization.
+ * @throws {TypeError} If the URN is invalid.
+ * @example
+ * ```ts
+ * getOrganizationIdFromUrn('1') // throws TypeError
+ * getOrganizationIdFromUrn('urn:logto:organization:1') // returns '1'
+ * ```
+ */
+export const getOrganizationIdFromUrn = (urn) => {
+    if (!urn.startsWith(organizationUrnPrefix)) {
+        throw new TypeError('Invalid organization URN.');
+    }
+    return urn.slice(organizationUrnPrefix.length);
+};

package/lib/password-policy.d.ts

@@ -1,3 +1,5 @@
+/// <reference types="node" resolution-mode="require"/>
+import { type webcrypto } from 'node:crypto';
 import { type DeepPartial } from '@silverhand/essentials';
 import { z } from 'zod';
 /** Password policy configuration type. */
@@ -137,7 +139,7 @@ export type UserInfo = Partial<{
  */
 export declare class PasswordPolicyChecker {
     /** The Web Crypto API to use. By default, the global `crypto.subtle` will be used. */
-    protected readonly subtle: SubtleCrypto;
+    protected readonly subtle: webcrypto.SubtleCrypto | SubtleCrypto;
     static symbols: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ ";
     /** A set of characters that are considered as sequential. */
     static sequence: readonly ["0123456789", "abcdefghijklmnopqrstuvwxyz", "qwertyuiop", "asdfghjkl", "zxcvbnm", "1qaz", "2wsx", "3edc", "4rfv", "5tgb", "6yhn", "7ujm", "8ik", "9ol"];
@@ -153,7 +155,7 @@ export declare class PasswordPolicyChecker {
     readonly policy: PasswordPolicy;
     constructor(policy: DeepPartial<PasswordPolicy>, 
     /** The Web Crypto API to use. By default, the global `crypto.subtle` will be used. */
-    subtle?: SubtleCrypto);
+    subtle?: webcrypto.SubtleCrypto | SubtleCrypto);
     /**
      * Check if a password meets all the policy requirements.
      *

package/lib/password-policy.js

@@ -43,7 +43,7 @@ export const passwordPolicyGuard = z.object({
  * // ]
  * ```
  */
-class PasswordPolicyChecker {
+export class PasswordPolicyChecker {
     static { this.symbols = Object.freeze('!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~ '); }
     /** A set of characters that are considered as sequential. */
     static { this.sequence = Object.freeze([
@@ -356,4 +356,3 @@ class PasswordPolicyChecker {
         return false;
     }
 }
-export { PasswordPolicyChecker };

package/lib/regex.d.ts

@@ -7,3 +7,5 @@ export declare const mobileUriSchemeProtocolRegEx: RegExp;
 export declare const hexColorRegEx: RegExp;
 export declare const dateRegex: RegExp;
 export declare const noSpaceRegEx: RegExp;
+/** Full domain that consists of at least 3 parts, e.g. foo.bar.com */
+export declare const domainRegEx: RegExp;

package/lib/regex.js

@@ -7,3 +7,5 @@ export const mobileUriSchemeProtocolRegEx = /^[a-z][\d+_a-z-]*(\.[\d+_a-z-]+)+:$
 export const hexColorRegEx = /^#[\da-f]{3}([\da-f]{3})?$/i;
 export const dateRegex = /^\d{4}(-\d{2}){2}/;
 export const noSpaceRegEx = /^\S+$/;
+/** Full domain that consists of at least 3 parts, e.g. foo.bar.com */
+export const domainRegEx = /^[\dA-Za-z]+(\.[\dA-Za-z]+){2,}$/;

package/lib/utils/index.d.ts

@@ -1,2 +1,3 @@
 export * from './color.js';
+export * from './regex.js';
 export * from './url.js';

package/lib/utils/index.js

@@ -1,2 +1,3 @@
 export * from './color.js';
+export * from './regex.js';
 export * from './url.js';

package/lib/utils/regex.d.ts

@@ -0,0 +1 @@
+export declare const isValidRegEx: (regEx?: string) => boolean;

package/lib/utils/regex.js

@@ -0,0 +1,8 @@
+export const isValidRegEx = (regEx) => {
+    try {
+        return Boolean(regEx && new RegExp(regEx));
+    }
+    catch {
+        return false;
+    }
+};

package/lib/utils/url.d.ts

@@ -1,2 +1,3 @@
 export declare const validateRedirectUrl: (url: string, type: 'web' | 'mobile') => boolean;
 export declare const validateUriOrigin: (url: string) => boolean;
+export declare const isValidUrl: (url?: string) => boolean;

package/lib/utils/url.js

@@ -17,3 +17,11 @@ export const validateUriOrigin = (url) => {
         return false;
     }
 };
+export const isValidUrl = (url) => {
+    try {
+        return Boolean(url && new URL(url));
+    }
+    catch {
+        return false;
+    }
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/core-kit",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/toolkit#readme",
   "repository": {
@@ -26,34 +26,34 @@
     "scss"
   ],
   "engines": {
-    "node": "^18.12.0"
+    "node": "^20.9.0"
   },
   "dependencies": {
-    "@logto/language-kit": "^1.0.0",
-    "@logto/shared": "^3.0.0",
+    "@logto/language-kit": "^1.1.0",
+    "@logto/shared": "^3.1.0",
     "color": "^4.2.3"
   },
   "optionalDependencies": {
-    "zod": "^3.20.2"
+    "zod": "^3.22.4"
   },
   "devDependencies": {
     "@jest/types": "^29.0.3",
-    "@silverhand/eslint-config": "4.0.1",
-    "@silverhand/essentials": "^2.8.4",
-    "@silverhand/ts-config": "4.0.0",
-    "@silverhand/ts-config-react": "4.0.0",
+    "@silverhand/eslint-config": "5.0.0",
+    "@silverhand/essentials": "^2.9.0",
+    "@silverhand/ts-config": "5.0.0",
+    "@silverhand/ts-config-react": "5.0.0",
     "@types/color": "^3.0.3",
     "@types/jest": "^29.4.0",
-    "@types/node": "^18.11.18",
+    "@types/node": "^20.9.5",
     "@types/react": "^18.0.31",
     "eslint": "^8.44.0",
-    "jest": "^29.5.0",
-    "lint-staged": "^14.0.0",
-    "postcss": "^8.4.6",
+    "jest": "^29.7.0",
+    "lint-staged": "^15.0.0",
+    "postcss": "^8.4.31",
     "prettier": "^3.0.0",
     "stylelint": "^15.0.0",
     "tslib": "^2.4.1",
-    "typescript": "^5.0.0"
+    "typescript": "^5.3.3"
   },
   "eslintConfig": {
     "extends": "@silverhand"

package/scss/_console-themes.scss

@@ -92,6 +92,7 @@
   --color-alert-99: #fff5eb;
 
   // color aliases
+  --color-static-white: #fff;
   --color-primary: var(--color-primary-40);
   --color-on-primary: var(--color-all-100);
   --color-primary-container: var(--color-primary-90);
@@ -158,6 +159,10 @@
   --color-env-tag-development: rgba(93, 52, 242, 15%);
   --color-env-tag-staging: rgba(255, 185, 90, 35%);
   --color-env-tag-production: rgba(131, 218, 133, 35%);
+  --color-specific-icon-bg: #f3effa;
+  --color-specific-toggle-off-enable: var(--color-neutral-90);
+  --color-specific-unselected-disabled: var(--color-hover); // 8% Neutral-10
+  --color-function-n-overlay-primary-focused: rgba(93, 52, 242, 16%); // 16% Primary-40
 
   // Shadows
   --shadow-1: 0 4px 8px rgba(0, 0, 0, 8%);
@@ -173,16 +178,19 @@
   --color-tooltip-background: #34353f; // dark theme Surface-4
   --color-tooltip-text: var(--color-neutral-99);
   --color-overlay: rgba(0, 0, 0, 30%);
+  --color-overlay-default-focused: rgba(25, 28, 29, 16%);
   --color-drawer-overlay: rgba(0, 0, 0, 40%);
   --color-guide-dropdown-background: var(--color-white);
   --color-guide-dropdown-border: var(--color-border);
   --color-skeleton-shimmer-rgb: 255, 255, 255; // rgb of Layer-1
   --color-specific-tag-upsell: var(--color-primary-50);
+  --color-specific-tag-test: var(--color-tertiary-50);
+  --color-specific-toggle-thumb-disabled: #ffffffb3;
 
   // Background
   --color-bg-body-base: var(--color-neutral-95);
   --color-bg-body: var(--color-neutral-100);
-  --color-bg-layer-1: var(--color-static-white);
+  --color-bg-layer-1: var(--color-all-100);
   --color-bg-layer-2: var(--color-neutral-95);
   --color-bg-body-overlay: var(--color-neutral-100);
   --color-bg-float-base: var(--color-neutral-variant-90);
@@ -192,6 +200,7 @@
   --color-bg-toast: var(--color-neutral-20);
   --color-bg-state-unselected: var(--color-neutral-90);
   --color-bg-state-disabled: rgba(25, 28, 29, 8%); // 8% --color-neutral-10
+  --color-bg-info-tag: rgba(229, 225, 236, 80%); // 80% --color-neutral-variant-90
 }
 
 @mixin dark {
@@ -288,6 +297,7 @@
   --color-alert-99: #2b1700;
 
   // color aliases
+  --color-static-white: #fff;
   --color-primary: var(--color-primary-70);
   --color-on-primary: var(--color-all-0);
   --color-primary-container: var(--color-primary-30);
@@ -354,6 +364,10 @@
   --color-env-tag-development: rgba(202, 190, 255, 32%);
   --color-env-tag-staging: rgba(235, 153, 24, 36%);
   --color-env-tag-production: rgba(104, 190, 108, 36%);
+  --color-specific-icon-bg: rgba(247, 248, 248, 12%);
+  --color-specific-toggle-off-enable: var(--color-neutral-90);
+  --color-specific-unselected-disabled: var(--color-hover); // 8% Neutral-10
+  --color-function-n-overlay-primary-focused: rgba(202, 190, 255, 16%); // 16% Primary-40
 
   // Shadows
   --shadow-1: 0 4px 8px rgba(0, 0, 0, 8%);
@@ -369,11 +383,14 @@
   --color-tooltip-background: var(--color-surface-4);
   --color-tooltip-text: var(--color-neutral-10);
   --color-overlay: rgba(0, 0, 0, 70%); // 70% Neutral-100
+  --color-overlay-default-focused: rgba(247, 248, 248, 16%);
   --color-drawer-overlay: rgba(0, 0, 0, 60%);
   --color-guide-dropdown-background: var(--color-neutral-variant-80);
   --color-guide-dropdown-border: var(--color-neutral-variant-70);
   --color-skeleton-shimmer-rgb: 42, 44, 50; // rgb of Layer-1
   --color-specific-tag-upsell: var(--color-primary-70);
+  --color-specific-tag-test: var(--color-tertiary-80);
+  --color-specific-toggle-thumb-disabled: #ffffff4d;
 
   // Background
   --color-bg-body-base: var(--color-neutral-100);
@@ -391,4 +408,5 @@
   --color-bg-toast: var(--color-neutral-80);
   --color-bg-state-unselected: var(--color-neutral-90);
   --color-bg-state-disabled: rgba(247, 248, 248, 8%); // 8% --color-neutral-10
+  --color-bg-info-tag: var(--color-neutral-variant-90);
 }

package/lib/scope.d.ts

@@ -1,55 +0,0 @@
-export declare enum ReservedScope {
-    OpenId = "openid",
-    OfflineAccess = "offline_access"
-}
-export type UserClaim = 'name' | 'picture' | 'username' | 'email' | 'email_verified' | 'phone_number' | 'phone_number_verified' | 'roles' | 'custom_data' | 'identities';
-/**
- * Scopes for ID Token and Userinfo Endpoint.
- */
-export declare enum UserScope {
-    /**
-     * Scope for basic user info.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Profile = "profile",
-    /**
-     * Scope for user email address.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Email = "email",
-    /**
-     * Scope for user phone number.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Phone = "phone",
-    /**
-     * Scope for user's custom data.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    CustomData = "custom_data",
-    /**
-     * Scope for user's social identity details.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Identities = "identities",
-    /**
-     * Scope for user's roles.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    Roles = "roles"
-}
-/**
- * Mapped claims that ID Token includes.
- */
-export declare const idTokenClaims: Readonly<Record<UserScope, UserClaim[]>>;
-/**
- * Additional claims that Userinfo Endpoint returns.
- */
-export declare const userinfoClaims: Readonly<Record<UserScope, UserClaim[]>>;
-export declare const userClaims: Readonly<Record<UserScope, UserClaim[]>>;

package/lib/scope.js

@@ -1,76 +0,0 @@
-export var ReservedScope;
-(function (ReservedScope) {
-    ReservedScope["OpenId"] = "openid";
-    ReservedScope["OfflineAccess"] = "offline_access";
-})(ReservedScope || (ReservedScope = {}));
-/**
- * Scopes for ID Token and Userinfo Endpoint.
- */
-export var UserScope;
-(function (UserScope) {
-    /**
-     * Scope for basic user info.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    UserScope["Profile"] = "profile";
-    /**
-     * Scope for user email address.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    UserScope["Email"] = "email";
-    /**
-     * Scope for user phone number.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    UserScope["Phone"] = "phone";
-    /**
-     * Scope for user's custom data.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    UserScope["CustomData"] = "custom_data";
-    /**
-     * Scope for user's social identity details.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    UserScope["Identities"] = "identities";
-    /**
-     * Scope for user's roles.
-     *
-     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
-     */
-    UserScope["Roles"] = "roles";
-})(UserScope || (UserScope = {}));
-/**
- * Mapped claims that ID Token includes.
- */
-export const idTokenClaims = Object.freeze({
-    [UserScope.Profile]: ['name', 'picture', 'username'],
-    [UserScope.Email]: ['email', 'email_verified'],
-    [UserScope.Phone]: ['phone_number', 'phone_number_verified'],
-    [UserScope.Roles]: ['roles'],
-    [UserScope.CustomData]: [],
-    [UserScope.Identities]: [],
-});
-/**
- * Additional claims that Userinfo Endpoint returns.
- */
-export const userinfoClaims = Object.freeze({
-    [UserScope.Profile]: [],
-    [UserScope.Email]: [],
-    [UserScope.Phone]: [],
-    [UserScope.Roles]: [],
-    [UserScope.CustomData]: ['custom_data'],
-    [UserScope.Identities]: ['identities'],
-});
-export const userClaims = Object.freeze(
-// Hard to infer type directly, use `as` for a workaround.
-// eslint-disable-next-line no-restricted-syntax
-Object.fromEntries(Object.values(UserScope).map((current) => [
-    current,
-    [...idTokenClaims[current], ...userinfoClaims[current]],
-])));